Mobile devices are increasingly used to access internet services. Often internet services require secure transactions to protect sensitive data. Such security measures often impose identity and authentication burdens on the user in the form of data requirements such as usernames, pins, and/or passwords. Wireless telecommunications networks may implement various forms of authentication. Service providers may also seek various user attributes to authenticate a user, identify a user, and/or determine a user's level of access to a web service.
Single sign-on (SSO) solutions have been proposed that aim to make user authentication less cumbersome for a user. The OpenID protocols are one example of protocols that make single sign-on possible. The OpenID 2.0 protocol and the more recent OpenID Connect protocol are the most prevalent of the OpenID protocols. Hereinafter, the term “OpenID protocol” alone is meant to cover any of the various forms of OpenID protocols, including OpenID 2.0 and OpenID Connect. If a particular protocol is to be discussed, it will be specifically identified.
Often current approaches to SSO, such as the OpenID protocols, require a network identity provider to implement various SSO mechanisms. These approaches may give the user limited control over his/her identity information as it is handled by a SSO identity provider, and may result in user data and communications that are vulnerable to security attacks.